Ticket #5859 (closed Bug: fixed)
New user inscription with email verification blocks due to requestReset unavaiable in context
| Reported by: | chris2fr | Owned by: | wichert |
|---|---|---|---|
| Priority: | blocker | Milestone: | 2.5.2 |
| Component: | Infrastructure | Keywords: | |
| Cc: |
Description
Here is what happens :
I install plone 2.5.1 from teh whole package installer and install an instance from the admin user.
I then try to create a new account, either with or without the ability to choose my own password. If I don't choose my password (site setting), or if I choose a password and want it mailed to me, I get the following error :
Please enter a valid email address. We were unable to send your password to your email address: You are not allowed to access 'requestReset' in this context
Looks like the mailer is set wrong, right ? Wrong. I can ask for my password mailed to me or send me or anyone else content through the email function.
I've been on this issue on the IRC for some time now. Here are two URLs of interest :
http://dev.plone.org/collective/browser/PasswordResetTool?rev=31152 http://dev.plone.org/collective/log/PasswordResetTool
In the 2.5.1, the proxy roles are configured. It would seem that the problem comes from somewhere else.
Change History
comment:1 Changed 5 years ago by bbest
- Status changed from new to assigned
- Owner changed from wichert to bbest
comment:2 Changed 5 years ago by bbest
- Status changed from assigned to new
- Owner changed from bbest to wichert
comment:3 Changed 5 years ago by alecm
- Status changed from new to closed
- Resolution set to worksforme
I cannot reproduce this with Plone 2.5 svn. Please test on svn or next release, and provide more details (which installer was used, etc)
comment:4 Changed 5 years ago by PythonHack
Plone 2.5.1 + zope 2.9 (release installer) with bundle
I have tried every combination I can think of and can not produce any password reset error unless one of these two settings are wrong:
- if the mailhost setting for smtp is wrong, or
- if the portal settings Site "From" Address is wrong
In the latter case, however, a new registration will not validate. [The input email addy is marked as invalid (even though it is ok) and a somewhat obscure error message is provided.]
Otherwise I am unable to reproduce this at all, at least not via localhost.
If it still occurs in 2.5.2 we need more details about how to reproduce it.
comment:5 Changed 5 years ago by deesto
- Status changed from closed to reopened
- Resolution worksforme deleted
FYI: I have the misfortune of being able to reproduce this error consistently (2.5.1, universal installer, RHEL4 Linux) with the following settings: mail host: localhost (default) port: 25 (default) either "auto-generate password" setting, or user-specified password setting, with the user selection to send themselves their new password. This does _not_ occur when the user is permitted to choose their own password, _and_ they do not choose to send the password to themselves.
comment:6 Changed 5 years ago by wichert
- Status changed from reopened to closed
- Resolution set to fixed
This is fixed in svn, and the fix will be in 2.5.2 (of which there is a release candidate you can try).
comment:7 Changed 5 years ago by dreamcatcher
Wichert,
Do you have a link to the checkin that fixed this issue?
I have the same problem, as I suspect all new users of the latest Plone 2.5.1. This seems to be related to the [Plone Security Advisory: Password Reset Tool http://plone.org/news/plone-security-advisory-password-reset-tool]. This appears to rule out anonymous joining of the site.